Today, more than ever before, IT Departments face risks from internal and external sources.
This means that companies need to protect themselves from the internal day to day silly mistakes staff make online while browsing or in Email as much as from external threats such as automated hacking AI bots all the way through to risk of commercial competition trying to get at your company IP.
Let’s address each of these,
1. Protecting your company from your own staff
Human beings are the weakest link when it comes to cyber security.
Viruses, malware and advanced techniques that use social engineering are all betting on one thing – that one of your users will be naïve or distracted enough to click on a link, provide information or inadvertently take an action that opens your organisation to attack.
No matter how much you invest in cyber security software and cyber security insurance, it may all be for nothing if you’re not promoting cyber awareness amongst your users.
It is easy to become complacent about security when a company installs an anti-virus and a firewall, however, this does not protect your network if your own staff have not been trained in correct IT usage.
It is therefore necessary to create an IT usage training policy that teaches and reminds your IT users how to circumnavigate the daily risks they and your network face when using IT.
With an increased use of computer system across the world, there are many threats which are also increasing along with it resulting in risk of data security for individual and organisations.
Data is the most crucial and essential component of every organization, and no one would want to risk the confidential data to the viruses approaching the computer system.
Antivirus is recommended for every computer system to keep it secure from any unknown threats approaching your computer system from the internet, external drives, memory sticks, etc. and keeps your confidential data secured.
2. External threats / risks
A firewall must be installed which will aid in minimizing threats to your network
THE THREE DIFFERENT TYPES OF FIREWALLS
• Packet Filters
Packet Filter Firewall controls the network access by analysing the outgoing and incoming packets. It lets a packet pass or block its way by comparing it with pre-established criteria like allowed IP addresses, packet type, port number, etc. Packet filtering technique is suitable for small networks but gets complex when implemented to larger networks.
• Stateful Inspection
Stateful Packet Inspection (SPI), which is also sometimes called dynamic packet filtering, is a powerful firewall architecture which examines traffic streams from end to end. These smart and fast firewalls use an intelligent way to ward off the unauthorized traffic by analysing the packet headers and inspecting the state of the packets along with providing proxy services.
• Proxy Server Firewalls
Also called the application level gateways, Proxy Server Firewalls are the most secured type of firewalls that effectively protect the network resources by filtering messages at the application layer. Proxy firewalls mask your IP address and limit traffic types.
moving into 2020, an IP filter appliance is just not good enough to secure your business.
Additionally, you need to invest in DNS filtering solutions as well
These solutions ‘filter’ every bit of traffic into your network in an offsite cloud based safe environment first..
Top 6 DNS Security Software
- Webroot DNS Protection
- OpenDNS Umbrella
- Open DNS Personal Internet Security
- WebTitan Web Filter
3. In conclusion
An IT department can enjoy a reasonably low risk environment when there is a multiple managed policy around training staff on usage bundled with Antivirus software, Firewalls and DNS Protection services
If you would like more detail on how to manage your IT Department better and to avoid these risks -Just click here! https://switchedon.co.za/contact-us/
And follow us on LinkedIn – https://www.linkedin.com/company/switchedonit/
David Green MD SwitchedOnIT